incubator-clerezza-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daniel Spicar (JIRA)" <j...@apache.org>
Subject [jira] Created: (CLEREZZA-421) Support for multiple user password encryptions
Date Mon, 14 Feb 2011 14:58:57 GMT
Support for multiple user password encryptions
----------------------------------------------

                 Key: CLEREZZA-421
                 URL: https://issues.apache.org/jira/browse/CLEREZZA-421
             Project: Clerezza
          Issue Type: New Feature
            Reporter: Daniel Spicar


We have an issue when we import users from a different system to clerezza. The users have
passwords encrypted in SSHA (not SHA-1 as clerezza uses). We do not have their clear-text
passwords.

Now I wonder how would you best enable clerezza to support logins with different password
encoding methods. Most likely a single user will only use one encoding but different users
can have different encodings. 

I have seen you have WeightedAutenicationMethod services. But if I interpret this correctly
it won't solve my issue. I assume I am looking for a way to register multiple AutenticationChecker
services such that passwords can be checked against more than one of them. I don't see this
implemented so far.

Some questions with this would be:
- do we simply add new properties for differently encoded passwords (passwordSsha, passwordSha1,
...) or do we change the ontology so a password resource contains both, the encrypted string
as a literal and a uri designating the password encoding method?
- can the user have more than one such password resources (the password encoded in multiple
encryption methods)?
- how to update user passwords? (e.g. delete all passwords and add a new one in the default
encoding of the platform) 

I could provide a patch for this issue but we should define how we want to resolve it first.

-- 
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message